This privacy notice will help you understand how Seven Publishing Group Ltd t/a 7C3 uses and protects your personal data.
You can contact our voluntarily appointed Data Protection Officer, Simon Ghent at simon.ghent@c3.co if you have any concerns or wish to exercise your rights.
If you prefer you can write to us at 78 York Street, London, England, W1H 1DP.
Seven Publishing Group Ltd t/a 7C3 never forget it’s your right to total transparency and control on how we use your data. As such we give you these promises:
o We will only collect data about you that is relevant and necessary;
o Your data will only be held on systems that meet compliance standards;
o Your data will only be accessed by those who need it and we will minimise the amount of data that is processed, wherever possible;
o We won’t share except for the marketing of our own services to you, where we are required to share it by law, if we need to inform a regulatory body or need to fulfil our service commitments to you through a third party that meets our own privacy standards;
o We will always remember that it is your personal data, not ours. As such we will ensure complete transparency and openness with you wherever possible.
o We respect your rights as outlined in the next section and will respond to all requests promptly
You have the following rights over any data we hold about you:
o Your right of access – You have the right to ask us for copies of your personal information.
o Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
o Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
o Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
o Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
o Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You can read more about your rights here. If you would like to uphold your rights, then please contact our Data Protection Officer at simon.ghent@c3.co
If you are in dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at https://ico.org.uk/concerns/
We mainly only process the data you have provided to us. This may be from:
o Filling in a form on one of our websites – either our own or those we operate on behalf of our partners,
o Sending us your details either directly or through our partners
o Providing your details to us at events or in other promotions
o Your employer as part of our Services delivery to them.
If you belong to an organisation, we may also source your information from public databases and other sources for our Legitimate Interests.
We try and minimise the data held and the exact data elements we hold will be dependent on your journey with us. Typically, data elements we collect is restricted to:
o Your personal contact details – email address, IP Address, phone numbers, business related social media page such as LinkedIn and source of your data;
o Your company details – as above but also address, website and other public held information including credit rating and invoicing details if relevant.
o Transmitted information – such as emails, texts, messaging, phone call information and recordings, voice mails, email, meeting notes, CVs and document tracking information.
Calls may also be recorded for information holding, quality and training purposes.
Data is processed/stored mainly on encrypted cloud services such Microsoft 365 including Azure and Salesforce, and Hubspot for marketing.
In addition, we may use Large Language Models (LLM) to help us fulfil some of our services to your employee. A full list of these systems can be provided on request. These services all have strong data security at the heart of their systems including ISO27001 and SOC2 certification.
We ensure that access to these services is strictly controlled and include strong authentication processes like Multi Factor Authentication.
If we connect on Social Media platforms, we may transfer this information to our platforms to track our interactions.
As a multinational service provider, we operate in several jurisdictions. Data will be processed in either the UK, EEA/EU data centres or on US based servers that have demonstrated strong Data Security. We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business.
Further to Section 119A of the Data Protection Act 2018 and noting Case C-311/18 in the European Court of Justice, if your data is transferred or processed outside of the UK or EEA, we ensure the safeguards of International Data Transfer Agreements (IDTAs) or Addendums are enforced. Where this is not possible, we ensure that European Standard Contractual Clauses are entered. For data transfer between the USA, we may rely on the Data Privacy Framework or the UK Extension Data Bridge.
We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held.
All our processes are subject to various internal policies to ensure that your data privacy and security is upheld.
We process your data for several reasons:
o To fulfil a contractual obligation or service to you or on behalf of our clients
o To better understand your needs.
o To improve our services and products.
o To send invitations to events and follow these up if you have signed up to them.
o To send you promotional emails containing the information we think you will find interesting.
We always ensure we have a “legal basis” to use your data for the purpose we have collected it for.
We share information where others are involved in the delivery of your service. These include:
· Digital Marketing Service Providers and Agents to conduct marketing activity on our behalf
· Print Fulfilment and Subscription Delivery Partners
· Where we have a legal obligation to
· Within the group of companies we belong to
We use a Third-Party Data Protection Officer (DPO) for compliance purposes. Should you have a data protection query or complaint your details may be passed to him to assist us. In all other cases our DPO does not have access to your data.
Our website and other materials sent to you may contain links to other third-party websites. We may also offer buttons to social media that link to third party services. We’re not responsible for the availability, content or data privacy these sites provide through their tools or sites.
We use Google Adsense on several of our platforms. We use googles CMP for consent management and you will have the option to opting into personalised adverts on these sites if you choose to.
If we are involved in a merger, acquisition or asset sale, personal data may be transferred between parties, but we will provide notice before personal data is transferred and becomes subject to a different privacy policy.
Dependant on the data you provide us and for what purpose it is provided we may need to retain your data based on your journey with us. Typically, we will retain your data for 5 years following the end of engagement with us.
If you wish to find out more about your specific data retention, please contact us.
Every marketing email sent from Us allows you to opt out of receiving emails from us, except for the purposes of fulfilling any contractual arrangements.
You can also contact us at the email address above and request to opt out, view, export or delete your data. If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed to the extent possible.
If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed to the extent possible.
If you ask for us to send information to a relative or friend, you warrant you have the consent from them to share their data with us.
We seek to uphold our legal obligations as covered by the Data Protection Act 2018, Data Use and Access Act 2025 and the General Data Protection Regulation 2016. Our Data Protection Authority is designated as the Information Commission (IC) formally the Information Commissioners Office (ICO). This Privacy Policy is reviewed on a regular basis and was last reviewed in August 2025.
We retain the right to update this notice at any time. We will always document any changes and will publish the latest version on the company’s intranet.
Due to our global reach, we do not warrant compliance with all legal obligations in countries that we operate in outside of the UK.
This Privacy Policy is reviewed on a regular basis and was last reviewed in August 2025.
